News – July 2023

  • Wuhan Earthquake Monitoring Center suffers cyberattack from the US; investigation underway

    July 26, 2023

    The Wuhan Earthquake Monitoring Center has recently suffered a cyberattack launched by an overseas organization, the city’s emergency management bureau which the center is affiliated to said in a statement on Wednesday. This is another case of its kind following the June 2022 cyberattack from overseas against a Chinese university. The expert panel on the case ...

  • Hibernating Qakbot: A Comprehensive Study and In-depth Campaign Analysis

    July 25, 2023

    In the ever-evolving landscape of cyber threats, banking trojans continue to pose a significant risk to organizations worldwide. Among them, Qakbot, also known as QBot or Pinkslipbot, stands out as a highly sophisticated and persistent malware active since 2007, targeting businesses across different countries. With a primary focus on stealing financial data and login credentials from ...

  • Securing Digital Technologies of the Next Generation of Nuclear Reactors

    July 25, 2023

    All innovations bring potential benefits that could transform industries, but they also bring potential risks. In the nuclear field, advanced nuclear reactors, including small modular reactors (SMRs), are incorporating innovative technologies, particularly digital technologies that yield novel solutions. There is growing interest in SMRs. These advanced nuclear reactors have a limited power capacity — typically ...

  • What might authentication attacks look like in a phishing-resistant future?

    July 25, 2023

    The industry has come a long way in terms of improving how we make user authentication more secure. From the most basic concept of relying on usernames and passwords for authentication to enabling multi-factor authentication (MFA) for additional security, we are now embracing a shift toward passwordless logins and/or passkeys that are designed with security ...

  • CISA Releases Four Industrial Control Systems Advisories

    July 25, 2023

    CISA released four Industrial Control Systems (ICS) advisories on July 25, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-206-01 AXIS A1001 ICSA-23-206-02 Rockwell Automation ThinManager ThinServer Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency  

  • Cryptojacking: Understanding and defending against cloud compute resource abuse

    July 25, 2023

    In cloud environments, cryptojacking – a type of cyberattack that uses computing power to mine cryptocurrency – takes the form of cloud compute resource abuse, which involves a threat actor compromising legitimate tenants. Cloud compute resource abuse could result in financial loss to targeted organizations due to the compute fees that can be incurred from the ...

  • Maldives: Sun Siyam Resorts’ IT network hit with cyber attack

    July 25, 2023

    Sun Siyam Resorts IT network has been targeted by a hacking attack. The company’s management said its team was working diligently to resolve the issue promptly. The company asked for patience and support as it works to resolve the issue. Read more… Source: Sun Siyam News  

  • Norway government ministries hit by cyber attack

    July 24, 2023

    Norwegian authorities reported a cyber attack of unknown origin against 12 government ministries on Monday. “We have uncovered a previously unknown vulnerability in the software of one of our suppliers,” said Erik Hope, director of the Norwegian ministries’ security and service organisation, in a press statement. “This vulnerability has been exploited by an unknown actor. We ...

  • Ivanti Patches Endpoint Manager Mobile CVE-2023-35078 Remote Unauthenticated API Access Vulnerability

    July 24, 2023

    A vulnerability has been discovered in Ivanti Endpoint Manager Mobile (EPMM), formerly known as MobileIron Core. This vulnerability impacts all supported versions – Version 11.4 releases 11.10, 11.9 and 11.8. Older versions/releases are also at risk. If exploited, this vulnerability enables an unauthorized, remote (internet-facing) actor to potentially access users’ personally identifiable information and make ...

  • Atlassian security updates address three high severity vulnerabilities affecting multiple products

    July 24, 2023

    Atlassian has released the July 2023 Security Bulletin that addresses three high severity vulnerabilities in multiple products. CVE-2023-22505 and CVE-2023-22508 are Remote Code Execution (RCE) vulnerabilities affecting Confluence Server and Confluence Data Center. CVE-2023-22506 is an injection and RCE vulnerability affecting Bamboo Server and Bamboo Data Center. Read more… Source:  NHS Digital